GDPR Compliance
Our Commitment to Your Data Protection and Privacy Rights
1. Our Commitment to GDPR
Avantwerk is fully committed to complying with the General Data Protection Regulation (GDPR), the landmark privacy and data protection law in the European Union and the United Kingdom. This page outlines our approach to GDPR, your rights as a data subject, and the measures we take to protect your personal data.
2. Your Rights as a Data Subject
Under GDPR, you have several important rights regarding your personal data. We are committed to upholding these rights. You can exercise them at any time by contacting our Data Protection Officer.
The Right to Access: You can request a copy of the personal data we hold about you.
The Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
The Right to Erasure ('Right to be Forgotten'): You can request that we delete your personal data.
The Right to Restrict Processing: You can ask us to temporarily halt the processing of your data.
The Right to Data Portability: You can request a copy of your data in a machine-readable format.
The Right to Object: You can object to us processing your data for certain purposes, such as direct marketing.
3. Avantwerk as Data Controller and Data Processor
Our role under GDPR depends on the context. We are the 'Data Controller' for the information you provide to us to set up and manage your account (e.g., your name, email, billing details). We are the 'Data Processor' for the data you store within the Avantwerk platform (e.g., your customers' information in the CRM). As a processor, we only process this data based on your instructions.
4. Lawful Basis for Processing
We only process personal data when we have a lawful basis to do so. This includes processing based on your consent, for the performance of our contract with you, to comply with legal obligations, or for our legitimate interests, provided these are not overridden by your rights.
5. Data Security and Protection
Protecting your data is our top priority. We have implemented robust technical and organizational measures, including AES-256 encryption for data at rest, TLS 1.3 for data in transit, strict access controls, and regular security audits. Our infrastructure is hosted with leading cloud providers who are also GDPR-compliant.
6. Sub-processors and International Transfers
We use a limited number of third-party service providers (sub-processors) to help us deliver our services. We have vetted these providers and have Data Processing Agreements (DPAs) in place with each. For any data transferred outside the EU/UK, we ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect the data.
How to Exercise Your Rights
To exercise any of your GDPR rights, or if you have any questions about our data protection practices, please contact our Data Protection Officer at [email protected]. We will respond to your request promptly and in accordance with legal requirements.
Powered by Bennovate
Platform
Resources
Company
Legal
© 2025. Avantwerk. All rights reserved.
"Bennovate presents Avantwerk — The All-in-One AI Business Platform"